d3d6c638c5f3c1f3f2ee69b4925860aef7dcd7995983adc34dfaea1de5376171 | Triage

Sharing

General

Target

a869b0b2a0668a12d4c834f98cb2d1c0
Size

119KB
Sample

240227-gvnrqsaa89
MD5

a869b0b2a0668a12d4c834f98cb2d1c0
SHA1

18233151847021beac4c9143dc5eebc7809564d8
SHA256

d3d6c638c5f3c1f3f2ee69b4925860aef7dcd7995983adc34dfaea1de5376171
SHA512

c24d31eb10a387f6a85529ded7d65e55f51e410e1bff80434348afb36fe5c2f8b6b4f7a1f72879c71b65dcacf9c1ac6a8448753bb66bf03b6d01a5264ad62191
SSDEEP

3072:2I3toui8zXAbhqqd0geTmNnwO8WSYwoWillNNis:2I3toUXend0VMp+bQE

Score

7^/10

Malware Config

Targets

- Target
  
  a869b0b2a0668a12d4c834f98cb2d1c0
- Size
  
  119KB
- MD5
  
  a869b0b2a0668a12d4c834f98cb2d1c0
- SHA1
  
  18233151847021beac4c9143dc5eebc7809564d8
- SHA256
  
  d3d6c638c5f3c1f3f2ee69b4925860aef7dcd7995983adc34dfaea1de5376171
- SHA512
  
  c24d31eb10a387f6a85529ded7d65e55f51e410e1bff80434348afb36fe5c2f8b6b4f7a1f72879c71b65dcacf9c1ac6a8448753bb66bf03b6d01a5264ad62191
- SSDEEP
  
  3072:2I3toui8zXAbhqqd0geTmNnwO8WSYwoWillNNis:2I3toUXend0VMp+bQE
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2